Matt Caswell 103b171d8f A memory leak can occur in dtls1_buffer_record if either of the calls to ... ssl3_setup_buffers or pqueue_insert fail. The former will fail if there is a malloc failure, whilst the latter will fail if attempting to add a duplicate record to the queue. This should never happen because duplicate records should be detected and dropped before any attempt to add them to the queue. Unfortunately records that arrive that are for the next epoch are not being recorded correctly, and therefore replays are not being detected. Additionally, these "should not happen" failures that can occur in dtls1_buffer_record are not being treated as fatal and therefore an attacker could exploit this by sending repeated replay records for the next epoch, eventually causing a DoS through memory exhaustion. Thanks to Chris Mueller for reporting this issue and providing initial analysis and a patch. Further analysis and the final patch was performed by Matt Caswell from the OpenSSL development team. CVE-2015-0206 Reviewed-by: Dr Stephen Henson <steve@openssl.org>		2015-01-08 15:49:45 +00:00
..
bio_ssl.c	OPENSSL_NO_SOCK fixes.	2012-04-16 17:42:36 +00:00
d1_both.c	mark all block comments that need format preserving so that	2014-12-30 22:10:26 +00:00
d1_clnt.c	Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset	2014-11-20 14:57:15 +01:00
d1_lib.c	dtls1_new: free s on error path	2014-12-04 23:48:44 +01:00
d1_meth.c	Dual DTLS version methods.	2013-04-09 14:02:48 +01:00
d1_pkt.c	A memory leak can occur in dtls1_buffer_record if either of the calls to	2015-01-08 15:49:45 +00:00
d1_srtp.c	Additional fix required for no-srtp to work	2015-01-05 14:17:51 +00:00
d1_srvr.c	fix compilation error	2015-01-06 02:17:07 +00:00
dtls1.h	Remove instances in libssl of the constant 28 (for size of IPv4 header + UDP)	2014-12-03 09:24:12 +00:00
heartbeat_test.c	mark all block comments that need format preserving so that	2014-12-30 22:10:26 +00:00
install-ssl.com	Install srtp.h	2012-07-05 13:20:19 +00:00
kssl_lcl.h	Merge from 1.0.0-stable branch.	2009-04-23 16:32:42 +00:00
kssl.c	Further comment amendments to preserve formatting prior to source reformat	2015-01-06 15:45:25 +00:00
kssl.h	mark all block comments that need format preserving so that	2014-12-30 22:10:26 +00:00
Makefile	make update	2014-12-11 23:52:47 +00:00
s3_both.c	Further comment amendments to preserve formatting prior to source reformat	2015-01-06 15:45:25 +00:00
s3_cbc.c	Further comment amendments to preserve formatting prior to source reformat	2015-01-06 15:45:25 +00:00
s3_clnt.c	fix error discrepancy	2015-01-07 18:10:03 +00:00
s3_enc.c	ssl3_digest_cached_records: check for NULL after allocating s->s3->handshake_dgst	2014-12-10 18:35:17 +01:00
s3_lib.c	Clear warnings/errors within KSSL_DEBUG code sections	2014-12-17 10:15:09 +01:00
s3_meth.c	New option no-ssl3-method which removes SSLv3_*method	2014-11-19 18:11:37 +00:00
s3_pkt.c	Fix crash in dtls1_get_record whilst in the listen state where you get two	2015-01-08 11:18:16 +00:00
s3_srvr.c	Unauthenticated DH client certificate fix.	2015-01-08 15:49:45 +00:00
s23_clnt.c	Remove some unnecessary OPENSSL_FIPS references	2014-12-08 13:18:43 +00:00
s23_lib.c	Remove SSLv2 support	2014-12-04 11:55:03 +01:00
s23_meth.c	Remove SSLv2 support	2014-12-04 11:55:03 +01:00
s23_pkt.c	Reorder inclusion of header files:	2002-07-10 07:01:54 +00:00
s23_srvr.c	mark all block comments that need format preserving so that	2014-12-30 22:10:26 +00:00
srtp.h	Add include of ssl.h which is required by srtp.h	2014-11-27 13:16:36 +00:00
ssl2.h	Remove SSLv2 support	2014-12-04 11:55:03 +01:00
ssl3.h	Remove SGC restart flag.	2015-01-02 22:56:54 +00:00
ssl23.h	Import of old SSLeay release: SSLeay 0.9.0b	1998-12-21 10:56:39 +00:00
ssl_algs.c	Remove SSLv2 support	2014-12-04 11:55:03 +01:00
ssl_asn1.c	Remove SSLv2 support	2014-12-04 11:55:03 +01:00
ssl_cert.c	ssl_cert_dup: Fix memory leak	2014-12-04 23:48:44 +01:00
ssl_ciph.c	mark all block comments that need format preserving so that	2014-12-30 22:10:26 +00:00
ssl_conf.c	Allow using -SSLv2 again when setting Protocol in the config.	2014-12-15 18:09:53 +01:00
ssl_err2.c	Use new-style system-id macros everywhere possible. I hope I haven't	2001-02-20 08:13:47 +00:00
ssl_err.c	Add more meaningful OPENSSL_NO_ECDH error message for suite b mode	2014-12-16 14:14:09 +00:00
ssl_lib.c	Only inherit the session ID context in SSL_set_SSL_CTX if the existing	2015-01-06 23:09:25 +01:00
ssl_locl.h	Remove MS SGC	2015-01-02 22:56:54 +00:00
ssl_rsa.c	serverinfo_process_buffer: check result of realloc(ctx->cert->key->serverinfo) and don't leak memory if it fails	2014-12-10 18:35:17 +01:00
ssl_sess.c	Further comment amendments to preserve formatting prior to source reformat	2015-01-06 15:45:25 +00:00
ssl_stat.c	Remove SSLv2 support	2014-12-04 11:55:03 +01:00
ssl_task.c	mark all block comments that need format preserving so that	2014-12-30 22:10:26 +00:00
ssl_txt.c	Remove SSLv2 support	2014-12-04 11:55:03 +01:00
ssl_utst.c	Add conditional unit testing interface.	2014-07-24 19:41:29 +01:00
ssl-lib.com	Add d1_srtp and t1_trce.	2012-07-05 13:20:02 +00:00
ssl.h	Only allow ephemeral RSA keys in export ciphersuites.	2015-01-06 02:06:39 +00:00
ssltest.c	Further comment amendments to preserve formatting prior to source reformat	2015-01-06 15:45:25 +00:00
t1_clnt.c	Use appropriate versions of SSL3_ENC_METHOD	2013-03-18 14:53:59 +00:00
t1_enc.c	Further comment amendments to preserve formatting prior to source reformat	2015-01-06 15:45:25 +00:00
t1_ext.c	Rename some callbacks, fix alignment.	2014-08-28 17:06:53 +01:00
t1_lib.c	Fix building with no-srtp	2015-01-05 14:17:22 +00:00
t1_meth.c	Use appropriate versions of SSL3_ENC_METHOD	2013-03-18 14:53:59 +00:00
t1_reneg.c	Update RI to match latest spec.	2009-12-27 22:58:55 +00:00
t1_srvr.c	Use appropriate versions of SSL3_ENC_METHOD	2013-03-18 14:53:59 +00:00
t1_trce.c	Remove SSLv2 support	2014-12-04 11:55:03 +01:00
tls1.h	remove duplicate defines	2014-12-31 11:13:48 +01:00
tls_srp.c	Check SRP parameters early.	2014-08-06 20:36:41 +01:00